who were the primary target of the SolarWinds breach. What nobody's talking about is the rest of the 18,000 or so SolarWinds clients who may have been affected. For them, the clock is ticking to try and assess their risk of attack and to take...
Consider theSolarWindsand theMOVEitsupply chain attacks, for example. The former happened in 2020 because of understated and poorly communicated vulnerabilities, while the latter, in 2023, was caused by hackers exploiting a flaw within the file transfer software, gaining access to sensitive customer ...
Major software vulnerabilities, such as the SolarWinds hack and the Heartbleed bug, are nothing new—but this one is very different. The XZ Utils hack attempt took advantage of the way open-source software development often works. Like many open-source projects, XZ Utils is a crucial and wide...
Attackers can move laterally across your network once they have access to your environment. They can use legitimate credentials that are compromised. This can be extremely difficult to have visibility to and determine. SAML and other tokens have also been noted as compromised with the Solarwinds Or...
He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.You might also be interested in … 2024 Threat Landscape: Data Loss ...
The hack began as early as March when malicious code was snuck into updates to popular software that monitors computer networks of businesses and governments. The malware, affecting a product made by U.S. company SolarWinds, gave elite hackers remote access into an organization's networks so the...
Imagine the hysteria that would ensue if an even larger DDoS attack prevented them from accessing the SaaS applications they use to complete their jobs. In other words, many businesses provide services that could be classified as critical. Unfortunately, the Cyber Mission Force lacks a team t...
Could network penetration testing have prevented this? Maybe. My hypothesis is SolarWinds does penetration testing, because everybody does. And, probably, these systems were reported on but may or may not have been remediated. Is this going to change how companies go about this? Absolutel...